Howard Schmidt had a long career in a variety of fields including government, business, law enforcement, and of course, cybersecurity. Two of his largest contributions to cybersecurity include partnering with Tom Ridge to create a cybersecurity consulting company aptly titled Ridge Schmidt Cyber LLC and serving as the Cyber-Security Coordinator for the Obama Administration.

Schmidt attended the University of Phoenix where he obtained his BS in business administration and his Masters in Organizational Management. After graduating, he served three terms in the United States Air Force. After leaving active duty, he worked in civil services. In the 80’s, he transitioned to a city police officer. After serving as an officer, he climbed the ladder to serve in SWAT, and eventually took a role within the FBI’s National Drug Intelligence Center.

His career in cybersecurity began when he moved to the Air Force Office of Special Investigations. There, he established the first computer forensics lab in government. After 30 years of public service, George W. Bush appointed Schmidt as the Vice Chair of the President's Critical Infrastructure Protection Board and as the special adviser for cyberspace security for the White House.

This was directly following 9/11. While in that position, he was a leader in developing the U.S. National Strategy to Secure CyberSpace. Schmidt also served under President Obama as the White House Cybersecurity Coordinator and held many cyber leadership roles for Ebay. Howard passed away in 2017 due to brain cancer.

Sheila Brand is a cybersecurity pioneer known for her work in the private sector and in government computer security. She graduated from the Indiana University, Bloomington with a BA in mathematics.

Brand was the defining person behind the production of the Trusted Computer System Evaluation Criteria, known as the “Orange Book”, a standard set of requirements for assessing and effecting cybersecurity controls that are standard in a computer system. Following that she contributed to related standards, known as the “Rainbow Series” which together formed the basis for the internationally accepted Common Criteria which followed in 1998 and remain in use today.

Sheila worked to integrate theory, policy, and practice in the name of making computers stable and safe for the average consumer. Brand started her career as a young mathematician at Martin Marietta. She was the first woman allowed to travel for the company, and underwent intentional efforts to sabotage her programs by other male employees.

Her skill at seeing these attacks opened a road for her to accept a leadership position as technical chief at HHS. She eventually worked her way up to the role of chief of the standards division at NSA’s National Computer Security Center (NCSC).

Kenneth Minihan is a former United States Air Force officer known for his service as the Director of the NSA, and prior to that, the Director of the Defense Intelligence Agency under the Clinton administration.

Minihan was born in Pampa, Texas. He attended Florida State University where he obtained his BA in Political Science. He additionally got a Master’s degree from the Naval Postgraduate School. During his time under the NSA, he was the essential person in defining and implementing the National Information Assurance Program, a program that provided adequate IT cybersecurity evaluation and validation services both within government and industry.

In that regard, he operationalized NSA’s Information Systems Security mission promoting engagement with industry and academia and U.S. allies.

Kenneth was an intelligence officer who worked in leadership positions as commander at assignments in the U.S., Europe and Viet Nam. After retiring from the NSA, Minihan served as president of the Security Affairs Support Association. He currently works as a Managing Director in the Paladin Capital Group, developing and implementing new investment opportunities for their Homeland Security Fund and in support of cybersecurity startups.

Minihan has received multiple awards for his service in the military, including the National Security Medal, the Defense Distinguished Service Medal, The Bronze Star, and the National Intelligence Distinguished Service Medal.

Virgil D. Gligor is a Romanian Born professor in the Department of Electrical and Computer Engineering at Carnegie Mellon University.

He specializes in researching applied cryptography, distributed Systems, and cybersecurity. Other subjects that he worked on include covert channel analysis, access control mechanisms, intrusion detection, and DoS Protection. Gligor received all his degrees, BS, MS, and PHD, at The University of California Berkeley.

Virgil taught at the University of Maryland from 1976 to 2007. In 2008, he left UM to teach at Carnegie Mellon University. During his time there, he became co-Director of CMU’s CyLab. Gligor has received many accolades and honors for his work in cryptography and security. In 2011, the Association for Computing Machinery awarded him with the Outstanding Innovation Award. Virgil also received the 2006 National Information Systems Security Award from the United States National Security Agency. Additionally, he has been recognized by the IEEE Computer Society for his cryptography work.

Gligor is a pioneer of computer security and has dedicated four decades of his life to exploring cryptography and addressing issues within the cyber world, such as next generation security and trustworthy computing in the face of malware.

Rebecca “Becky” Bace was an American cybersecurity expert and a true pioneer in the field of intrusion detection. She was born in Leeds, Alabama, a rural area. As a child, she was diagnosed with epilepsy. During her high school years, she obtained scholarships from Betty Crocker and Jimmy Hoffa, allowing her to be accepted into the University of Alabama in 1973. During her time there she was the only woman majoring in the field of Engineering.

Bace flourish in her role as a cybersecurity solutions focused engineer despite her having to overcome racism and sexism in the field. Her legacy has solidified her as one of the most influential women in cybersecurity and was one of pioneers of intrusion detection in cybersecurity’s early stages.

In her 16-year career with the NSA, she created the Computer Misuse and Anomaly Detection (CMAD) research program. She is notable for playing an important role in the apprehension of hacker Kevin Mitnick. She spent the latter part of her career helping guide startups as a venture capitalist and maintaining her role as CEO of the Network security consultancy Infidel.

She was known by her peers as the “den mother of computer security” and was a large influence on the Silicon Valley investment boom regarding cybersecurity services and products. Other accomplishments include authoring a book titled Intrusion Detection and providing seed money that enabled UC Davis and Purdue University to kick start computer security labs.

Brian Snow had an astounding 35 years of employment at the NSA, serving as Technical Director of the Information Assurance Directorate for 6 of those years. He was known for spotting vulnerabilities in security architecture and worked to create solutions that strengthened security.

Recognizing the need to modernize the Agency’s cryptographic program, Brian led the NSA review of AES. This allowed NSA to build on standards-based solutions and gave confidence to NSA collaborators around open, transparent processes for cryptographic capabilities.

After graduating from the University of Colorado, Boulder, Snow started his career as a math professor at Ohio University. There he laid the groundwork for Ohio University’s first computer science program. He started his work with NSA in 1971 working with cryptography and system security. He helped create the Secure Systems Design division and had a large role in the development of military tactical radios. During his career, he strongly supported the transition from RSA to Elliptic Curve Cryptography as the main public key in cryptography.

Snow is retired from the NSA, but before retiring in 2006, he assumed a leadership role in the development of an ethics code for intelligence officers. Snow was a leader in bridging the gap between the government’s cryptographic dominance and the emerging external/commercial cryptographic community. In so doing, he created transparency, trust, and confidence.

Corey Schou is a University Professor, Associate Dean, published author, and the director of the National Information Assurance Training and Education Center. He spent ten years serving as the chair of the Colloquium for Information Systems Security Education, a forum he also helped start. During his time serving as chair, Schou worked to help create an open dialogue between leaders in government, workers in the security industry, and top academic minds to advocate the need for and utilization of information security and information assurance education.

Schou attended Rollins College where he obtained is BS in Bio-Chemistry. He eventually attained his PHD in International Law at Florida State University. Schou’s bread and butter is management information and training systems. During his career, he has worked with a large variety of organizations including General Motors, Microsoft, and Federal Express, helping these companies develop their information security.

He also collaborated with others to establish a body of knowledge for computer security. The city of San Francisco later recognized his work with their organizations. In addition he has received various awards including the 1997 TechLearn Award and the 2001 (ISC)2 Tipton Award. He has written on these subjects frequently, with more than 300 books, papers, and articles under his belt. Some of his most well-known books include Information Assurance Handbook: Effective Computer Security and Risk Management Strategies and Principles of Computer Security CompTIA Security+ and Beyond Lab Manual.

Most importantly, he led the development of the college curricula which underpins the Centers of Academic Excellence in Information Systems Security (Cybersecurity) programs at more than 250 colleges and universities in the U.S.

Horst Feistel is one of the most important figures of modern cryptography. The ubiquitous DES cipher was primarily his invention, and the techniques he developed are still used in most modern block ciphers. Feistel was born in Berlin, Germany in 1915, and immigrated to the United States in 1934. Here, he earned a Bachelor's degree from MIT, and a Master's from Harvard, both in Physics. Despite this, his true calling was cryptography. Unfortunately, his German background aroused suspicion.

He worked on crypto systems for the U.S. Air Force and MITRE Corp, both of whom were pressured to halt his research. Eventually, he was able to find a research position at IBM's Thomas J. Watson Laboratory.

It was at IBM where Feistel developed the Lucifer cipher, in the early 1970s. The Lucifer algorithm he developed takes 64 bits of text and 64 bits of key material and produces 64 bits of cipher text. The cipher text and the key can be used to recover plaintext, making it a symmetric cipher. The specific method he used to scramble the data became known as a Feistel Network. Lucifer was widely considered to be one of the most secure crypto systems of its time. After a few tweaks mandated by the NSA, such as scaling back the key size to 56 bits, Lucifer was chosen as Data Encryption Standard (DES) for the United States. Feistel died in 1990.

Professor Hoffman developed the nation’s first regularly offered university course on computer security and is the author or editor of five books that captured the state of cybersecurity and privacy at various times between 1973 and 1995. His 1999 study of encryption products explored the effect of the United States export control regime that he later presented before Congress.

His research has spanned multiple aspects of cybersecurity including cryptography policy, risk analysis, and statistical inference for data mining. His thought leadership included pioneering workshops on Internet voting, cybersecurity educational competitions, and workforce development; the institutionalizing of the ACM Conference on Computers, Freedom, and Privacy; and the development of courses that focused on e-commerce security, information policy, and cybersecurity and governance as the field broadened.

He initiated and still leads a CyberCorps scholarship program that has produced dozens of cybersecurity experts with degrees in at least ten majors who have gone on to work for dozens of different government agencies. Some later started their own cybersecurity companies.

Upon graduation from MIT, Paul A. Karger was commissioned in the U.S. Air Force. His Multics security work included a classic 1974 paper on penetration testing. He taught at the U.S. Air Force Academy before joining Digital Equipment Corporation, where he worked on multilevel secure systems.

He was able to transform requirements and formalisms into designs and implementations. Paul was the lead designer of the VAX VMM security kernel, which was successfully evaluated at TCSEC Class A1. This was a remarkable accomplishment: a product from a major corporation able to enforce mandatory access control policies with high assurance. Paul earned a Ph.D. from the University of Cambridge. He was security architect for the Open Software Foundation. He worked on telephone security at GTE Laboratories. Finally, on the staff of the Thomas J. Watson Research Center, Paul was a founding member of IBM's ethical hacking consulting service. He continued to design commercial systems including a high assurance smart card operating system.

Paul was always generous with his time and encyclopedic knowledge of secure systems. His enthusiasm for high assurance development was contagious. Insight, clear thinking, and communication skills allowed him to be a leader in shaping our notions regarding highly trustworthy systems. He never tired of providing examples where security thinking during system design could make a difference. His 1995 paper on privacy threats to intelligent transport systems was a harbinger of dangers ahead if security for GPS and mobile devices was ignored.

Prior to his untimely death, Paul was the inventor or co-inventor on 14 U.S. patents and 19 non-U.S. patents. He wrote or co-authored more than 90 technical papers, greatly influencing the evolution of high assurance technology.

Butler Lampson is a Technical Fellow at Microsoft Corporation and an Adjunct Professor of Computer Science and Electrical Engineering at MIT. He was on the faculty at Berkeley and then at the Computer Science Laboratory at Xerox PARC and at Digital's Systems Research Center. He has worked on computer architecture, local area networks, raster printers, page description languages, operating systems, remote procedure call, programming languages and their semantics, programming in the large, fault-tolerant computing, transaction processing, computer security, WHSIWYG editors, and tablet computers. He was one of the designers of the SDS 940 time-sharing system, the Alto personal distributed computing system, the Xerox 9700 laser printer, two-phase commit protocols, the Autonet LAN, the SDSI/SPKI system for network security, the Microsoft Tablet PC software, the Microsoft Palladium high-assurance stack, and several programming languages.

He received an AB from Harvard University, a PhD in EECS from the University of California at Berkeley, and honorary ScD's from the Eidgenössische Technische Hochschule, Zurich and the University of Bologna. He holds a number of patents on networks, security, raster printing, and transaction processing. He is a member of the National Academy of Sciences and the National Academy of Engineering and a Fellow of the Association for Computing Machinery and the American Academy of Arts and Sciences. He received the ACM Software Systems Award in 1984 for his work on the Alto, the IEEE Computer Pioneer award in 1996, the National Computer Systems Security Award in 1998, the IEEE von Neumann Medal in 2001, the Turing Award in 1992, and the National Academy of Engineering's Draper Prize in 2004.

At Microsoft he has worked on anti-piracy, security, fault-tolerance, and user interfaces. He was one of the designers of Palladium, and spent two years as an architect in the Tablet PC group. Currently he is in Microsoft Research, working on security, privacy, and fault-tolerance, and kibitzing in systems, networking, and other areas.

With a major in Mathematics, Len got his start in computers with IBM in the Time Life building in NYC in 1960. He continued in this new field as an Army Lieutenant with the Army Security Agency Training Center and School at Fort Devens, Massachusetts from 1961 to 1963. There he worked with an IBM 650 (1000 words of main memory!) and taught Fortran programming. After over 40 years with The MITRE Corporation where he worked on numerous federal government contracts, Len retired in 2013. 

His principal efforts with MITRE supported various initiatives to improve computer and network security, ending with a project on cyber resiliency. In 1973, he co-authored with David Bell a pioneering paper on computer security, which came to be known as the “Bell-LaPadula Model”. 

This mathematical model became part of the computer science curriculum in many universities, influenced developments in computer systems, and contributed to the “Orange Book” series published by the National Security Agency. As a retiree, he enjoys quiet gardening.

William Hugh Murray began his security career at IBM in the late 1960s when he managed the development of the user access control subsystems for IBM’s ground breaking Advanced Administrative System (AAS), a model for later systems. In 1976 he authored the IBM publication Data Security Controls and Procedures which remained in publication into the 90s. These two works began a career providing security leadership, innovation, guidance, and support to government, business, and academia and their requirements to IBM research and product development.

He is a founder of the Colloquium for Information System Security Education (CISSE). He led the ISSA committee that expressed the professional common body of knowledge which was used to develop the examination for certifying information security professionals and the (ISC)2 committee that wrote the professional code of conduct and ethical guidance. He served for more than a decade on the Board of (ISC)2 seeing it from a volunteer effort to a self-supporting enterprise serving more than a hundred thousand professionals.

Dan Geer has ten years in clinical and research medical computing followed by five years running MIT’s Project Athena. After a small stint in the Research Division of the then Digital Equipment Corporation, he became involved in a series of start-up endeavors, in all cases either as a founder outright or an officer of the company.

Mr. Geer now finds himself in government service as the CISO at In-Q-Tel, the investment arm of the U.S. Intelligence community. He is a frequent author, six times entrepreneur, and has spoken five times before Congress on cybersecurity initiatives.